Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPv6 over OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    10 Posts 5 Posters 986 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U
      User42
      last edited by

      As the title says I would like to give IPv4 OpenVPN clients access to the IPv6 internet. I have an internet connection that gives me IPv4 and a tunnel broker that gives me IPv6. I am relatively new to IPv6 and OpenVPN, so I was hopping for some advice and configuration instructions.

      Thank You

      JKnottJ 1 Reply Last reply Reply Quote 0
      • JKnottJ
        JKnott @User42
        last edited by

        @User42

        Have you looked at the IPv6 settings on the OpenVPN client and server pages. They're pretty self explanatory.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

        1 Reply Last reply Reply Quote 0
        • U
          User42
          last edited by

          I configured IPv6 and IPv4 on the VPN but when I check my IP address I get only IPv4. Why is this?

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @User42
            last edited by

            @User42 said in IPv6 over OpenVPN:

            check my IP

            Your browser picks whatever A or AAAA it has available in it's local cache, or upstream DNS cache, like the one pfSense is using. Or even farther up.

            Use site like https://test-ipv6.com/ to force the detection.
            The what-is-my-IP are to stupid. They should been called "do-I-have-a-conenction".

            Also, I've set up pfSense so it offers my networks a IPv4 and IPv6 connection.
            When I VPN into my pfSense from a remote, IPv4 only place, I do have a IPv4 and IPv6 from my pfSense VPN server.
            This is because :
            I have a dual IPv4 IPv6 stack at my disposal
            I control the pfSense VPN server
            I control the VPN client, but I'm actually just using the VPN client export utility from pfSense and stock VPN software.
            and that does the job.

            @User42 said in IPv6 over OpenVPN:

            a tunnel broker that gives me IPv6.

            tunnel.he.net ? That's the one I'm using also. If so, I be glad to post my settings.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • U
              User42
              last edited by

              I also use HE, In my internal network I have IPv6 working it connects and the https://test-ipv6.com/ test passes but over the VPN I only get IPv6 and I fail the test.

              1 Reply Last reply Reply Quote 0
              • J
                jsdss
                last edited by

                I have a tunnel provided by HE as well, but I am not routing v6 from that tunnel across my VPN. My ISP also provides me native v6. I am routing a subnet from that allocation over VPN. I have no reason to believe you can't get this working across your tunnel though.

                You have to allocate a v6 subnet to your vpn and that is configured in the "IPv6 Tunnel Network". If that is done check your FW rules. There is not a rule auto generated for v6 on the VPN, you would need to create that.

                If my memory serves me correctly, I don't believe there was any other trickery to the config.

                1 Reply Last reply Reply Quote 0
                • calvinsteelC
                  calvinsteel Banned
                  last edited by

                  I do not have expertise to configure IPv6 on OpenVPn but I have a link where you can get a proper solution. https://www.purevpn.com/what-is-vpn/protocols/openvpn

                  1 Reply Last reply Reply Quote 0
                  • GertjanG
                    Gertjan
                    last edited by

                    @calvinsteel @User42 was asking about how to connect its OpenVPN clients to his pfSense OpenVPN server.
                    And you throw in a "commercial VPN solution" that has nothing to do with the subject of this thread.

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    1 Reply Last reply Reply Quote 0
                    • GertjanG
                      Gertjan
                      last edited by

                      User42 : if you have IPv6 working using tunnel.het.net, you can ping from your LAN any IPv6 enabled host, like :

                      C:\Users\Left>ping -6 netgate.com
                      
                      Envoi d'une requête 'ping' sur netgate.com [2610:160:11:11::73] avec 32 octets de données :
                      Réponse de 2610:160:11:11::73 : temps=166 ms
                      Réponse de 2610:160:11:11::73 : temps=166 ms
                      Réponse de 2610:160:11:11::73 : temps=166 ms
                      Réponse de 2610:160:11:11::73 : temps=166 ms
                      

                      (sorry, french systems here)

                      To make IPv6 work for OpenVPN warrior access :

                      0716d3ce-ab0c-4071-9131-09adf1545751-image.png

                      I already used the above mentioned /64 for my LAN.
                      So I took the fourth /64 from the /48block to assign it to the OpenVPN server :

                      09b816c1-23d2-42d9-9d68-d9bac52a085a-image.png

                      Note ......ccea.3:: == fourth /64 block, ......ccea.0::64 being block 1

                      This :

                      43341027-34f5-4a44-8826-c13f7a876a5d-image.png

                      doesn't need any explanation.

                      The server setup looks like this :

                      8839bd8f-ea36-44c9-982a-bb9ceaf5d5d1-image.png

                      I'm not using the OpenVPN "placeholder" interface. I created a OPENVPN 'per VPN server instance' interface, and added these rather logic rules :

                      ca9fa5b6-f651-4f9e-9a79-048428a8ede3-image.png

                      so that any foreign traffic can actually enter.

                      And, from memory, that's all I did no make it work.

                      From that point I can remote login using OpenVPN into pfSense, and use it's IPv6 facilities.

                      No "help me" PM's please. Use the forum, the community will thank you.
                      Edit : and where are the logs ??

                      1 Reply Last reply Reply Quote 0
                      • U
                        User42
                        last edited by

                        Thank You for your help on everything, it works now! :)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.